Re: lilypond via web interface: security considerations

lilypond-user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lilypond via web interface: security considerations

From:	Daniel Hulme
Subject:	Re: lilypond via web interface: security considerations
Date:	Wed, 20 May 2009 08:42:58 +0100
User-agent:	Mutt/1.5.18 (2008-05-17)

This might sound like nitpicking, but since security's concerned, I want
to be absolutely clear.

On Tue, May 19, 2009 at 01:08:28PM -0400, Mike Blackstock wrote:
> Furthermore, you just limit the number of utilities you put in the
> /bin directories; if you don't have the 'rm' command in there, then it
> can't be run, obviously.

Removing the 'rm' binary will slow down someone who's trying to inject
commands by having you process "myfile.ly ; rm -rf /" but it won't stop
someone using Guile's POSIX system call module to do the same thing.

A chroot jail will keep the webserver safe, but it won't stop people
writing a Lilypond file that downloads a list of email addresses and
send spam to all of them.

-dsafe aims to protect against all of these attacks, but unless you know
exactly what it permits and denies you can't know whether it's
appropriate for the kind of use you intend.

-- 
"Follow the enemy and try to prevent  the enemy carrying away the guns."
On 25th Oct 1854, Lord Raglan, on a hill, can see one set of guns;  Lord
Lucan, down in the valley,  sees a different, better defended,  set, and
leads the Light Brigade in its fateful charge. http://surreal.istic.org/

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

lilypond via web interface: security considerations, Alex, 2009/05/18
- Re: lilypond via web interface: security considerations, Joseph Haig, 2009/05/18
  - Re: lilypond via web interface: security considerations, Alex, 2009/05/18
- Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/18
  - Re: lilypond via web interface: security considerations, Alex, 2009/05/18
    - Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/18
    - Re: lilypond via web interface: security considerations, Francisco Vila, 2009/05/18
    - Re: lilypond via web interface: security considerations, Alex, 2009/05/18
    - Re: lilypond via web interface: security considerations, Mike Blackstock, 2009/05/19
    - Re: lilypond via web interface: security considerations, Daniel Hulme <=
    - Re: lilypond via web interface: security considerations, Alex, 2009/05/20
    - Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/20
    - Re: lilypond via web interface: security considerations, Alex, 2009/05/21
    - Re: lilypond via web interface: security considerations, Matthias Kilian, 2009/05/21
    - Re: lilypond via web interface: security considerations, Alex, 2009/05/21
    - Re: lilypond via web interface: security considerations, Han-Wen Nienhuys, 2009/05/21
    - Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/21
    - Re: lilypond via web interface: security considerations, Alex, 2009/05/20
    - Re: lilypond via web interface: security considerations, Mike Blackstock, 2009/05/21
    - Re: lilypond via web interface: security considerations, Graham Percival, 2009/05/22

Prev by Date: Re: [PATCH] Re: relative mode occasionally gets forgotten?
Next by Date: Re: missing glissando features (bugs?)
Previous by thread: Re: lilypond via web interface: security considerations
Next by thread: Re: lilypond via web interface: security considerations
Index(es):
- Date
- Thread